Batu69 Posted November 3, 2016 Share Posted November 3, 2016 The Linux Plumbers Conference's internet has been slowed to a crawl. SANTA FE, NM -- If you can't reach your favorite Linux developer by IM or e-mail today, it's because they're under a denial of service (DoS) attack. The top programmers are all at the Linux Plumbers conference, which is being hammered by an Internet attacker. Massive DDoS attacks like Dyn get the headlines, but as the top Linux programmers recently found out, ISPs still aren't protecting against old fashioned Denial of Service attacks like SYN flood. Yes, even the best developers of the world can be put out of the commission when their internet is strangled. According to James Bottomley, an IBM Research distinguished engineer and a member of the Linux Plumbers Conference committee, "Since yesterday we are being attacked from the outside. The attack follows us as we switch external IP and the team has identified at least one inside node which looks suspicious." The conference is not being attacked by some sophisticated Internet of Things distributed denial of service (DDoS) attack like the Dyn attack. No, it's being mugged by one of the oldest attacks in the DoS book: a SYN flood. In a SYN flood, the attacker breaks the normal TCP-startup three-way connection hand-shake. If you do this enough times, by "flooding" the router, the router runs out of memory and no one is able to make Internet connections. The truly annoying thing about this type of attack --which has been around for more than 20 years -- is that it's easy to prevent. There are at least eight, count them eight, ways to mitigate SYN floods. What's far more troubling is that the Santa Fe ISP didn't have any of the SYN flood defenses up. We know that massive Internet-killing DDoS attacks are on their way; and here we find a national ISP in a state capital can't deal with an old-fashioned Internet assault. I've predicted we'll see serious Internet breakdown this year. Looking at this local Internet slowdown I'm surprised it hasn't already. Yes, a lot of blame for Internet attacks goes to IoT manufacturers and insufficiently hardened web servers, but ISPs are guilty of poor security as well. Article source Link to comment Share on other sites More sharing options...
steven36 Posted November 3, 2016 Share Posted November 3, 2016 1 hour ago, Batu69 said: I've predicted we'll see serious Internet breakdown this year Nice to take credit for something someone else predicted isn't it ? It was Bruce Schneier who predicted this Also Linux was attacked when that big DDOS attack took place ARCH forums got shut down but when a bunch of big sites get DDOS as well it only made the news at reedit lol Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.